iskra / vpn
Privacy Policy

How we handle your data.

Last updated: 9 July 2026

Effective: 9 July 2026

This policy explains what data Nevidio OÜ (trading as "IskraVPN", "we", "us") processes when you use our VPN service and app, order a subscription on this website, and contact support, and what your rights are.

The Russian version is the primary version. This English version is a convenience translation; in case of discrepancy, the Russian text prevails.

01 Who we are

The data controller is Nevidio OÜ, a private limited company incorporated in Estonia (details in the Public Offer).

For privacy questions and data requests, contact privacy@nevid.io. For general support, message @iskravpn_app_bot on Telegram.

You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon, aki.ee) or with the supervisory authority in your country of residence.

02 What we collect

We designed IskraVPN to know as little about you as possible.

Account

A randomly generated account identifier and your subscription status (free or premium, expiry date). To use the app, we do not require your name, email, or phone number.

Order and email

When you order a subscription on the website we collect an email address — to send the receipt and activation code and to contact you about the order. Providing an email is voluntary, but without it we cannot process the order or issue the activation code.

Payments

Subscription payments are processed by a third-party payment provider (see Section 4). We receive only a payment reference and confirmation of payment, which we link to your order to activate your subscription. We do not receive or store your card number, bank account details, or SBP credentials.

Connection records

For operational reasons (capacity planning, abuse prevention, debugging), we record aggregate connection events: timestamps, the protocol and exit location used, and the volume of data transferred.

These records do not contain your source IP address, your account identifier, your location, or any other information that could attribute a connection to you or to any specific person.

Operational signals

The app sends anonymized signals about network conditions and app stability — latency, error rates, crash reports. These are aggregate, cannot be tied to a specific user, and are a necessary part of how the Service works. They are not used for behavioural analysis, marketing, or sales.

Support communications

If you contact us via the Telegram bot or by email, we receive the content of your message and your Telegram username or email address. We retain support conversations for as long as needed to resolve your issue and for a reasonable follow-up period.

Website

The website does not use analytics, advertising trackers, or cookies that identify visitors. Our hosting provider processes technical request metadata, including IP addresses, for security and abuse prevention.

03 Why we process this data

Under the General Data Protection Regulation (GDPR), we rely on the following legal bases:

04 Who we share data with

We share the minimum necessary data with:

Because we do not store source IP addresses or any information linking accounts to identities, we are not able to produce records identifying a specific user from a specific connection, even when ordered to do so.

We do not sell your data. We do not share it for advertising.

05 How long we keep it

06 International transfers

The Service operates exit nodes in multiple countries by design. We work with providers in countries that either offer an adequate level of data protection under EU law or are bound by Standard Contractual Clauses approved by the European Commission.

07 Your rights

Under the GDPR, you have the right to access your data, rectify it, erase it, restrict or object to processing, obtain portability, withdraw consent, and lodge a complaint with a supervisory authority.

Because we identify you only by an opaque account identifier or your order email, we may need one of them to act on a request. Write to privacy@nevid.io — we respond within 30 days.

08 Children

The Service is not intended for children under 16. We do not knowingly collect data from children under 16. If you believe we have, contact privacy@nevid.io and we will delete it.

09 Changes

We may update this policy. The current version is always available on this website. Material changes will be announced on the website and in the app.

10 Contact

Nevidio OÜ (trading as "IskraVPN")

Email: privacy@nevid.io

Telegram: @iskravpn_app_bot